The system is designed to help companies embrace cloud computing without exposing critical systems and infrastructure to threats that security solutions designed for use on-premises are sometimes incapable of blocking.

“As cloud adoption rises, part of the Pax8 value-add is to help MSPs craft a grounding strategy to close the security gap,” said Ryan Walsh, chief channel officer at Greenwood, Colo.-based Pax8, in prepared remarks.

According to research from Enterprise Strategy Group cited by Pax8, 74 percent of surveyed companies seeking to protect hosted workloads have to abandon onsite security policies and technologies that proved ineffective when used offsite.

Data published last month by Synergy Research Group showed a 24 percent year-over-year global spending increase in key cloud service and infrastructure categories between September 2016 and September 2017, to $180 billion. Forrester, meanwhile, expects global spending on cloud security specifically to rise at a 28 percent annualized rate through 2021 to $3.5 billion.

“As businesses continue to migrate workloads to public cloud services, it’s important they evaluate existing security policies and ensure protection against evolving cyber threats,” said Javed Hasan, senior vice president of endpoint and datacenter products at Mountain View, Calif.-based Symantec, in a press statement. “We are excited to work with Pax8 to offer Symantec Cloud Workload Protection to MSPs and help deliver automated discovery, monitoring, and proactive protection for securing critical cloud workloads and meeting the challenges of the cloud generation.”

Symantec Cloud Workload Protection is the latest addition to a portfolio of Symantec products available via Pax8 that spans the vendor’s web, email, and endpoint security solutions. The distributor offers security systems from Sophos Ltd. and BAE Systems, among others, as well.

Cloud security has been a point of emphasis for Symantec since its June 2016 announcement of plans to acquire Blue Coat Inc., a cloud security specialist headquartered in Sunnyvale, Calif. When that transaction closed two months later, Blue Coat CEO Greg Clark assumed that same post in Symantec’s boardroom.

The new technology also offers protection against Meltdown, the vulnerability in Intel x86 processors and some ARM-based CPUs first exposed by Google’s Project Zero security team last month, according to SonicWall CTO John Gmuender.

“SonicWall currently expects the RTDMI technology to be effective against future exploits that are based on the Meltdown vulnerability,” Gmuender said in emailed remarks to ChannelPro.

Malware writers have developed a variety of ways to conceal malicious payloads from today’s increasingly sophisticated security defenses, including custom encryption schemes. Those techniques often expose a virus’s most dangerous weapons too briefly for most detection systems to analyze, and are smart enough in some cases to hide those weapons entirely when run inside a sandbox.

According to Gmuender, however, RTDMI’s patent-pending technology compels malware that exhibits no malicious behavior to unveil its concealed weaponry, even if that code is encrypted and visible for intervals less than 100 nanoseconds.

“RTDMI controls the execution of the malware, and forces the malware to execute the code paths that reveal its malicious nature,” he says.

The result, according to SonicWall, is proactive, real-time protection against zero-day exploits and previously unknown threats.

Gmuender contrasts RTDMI with endpoint detection and response (EDR) products from vendors like SentinelOne, of Mountain View, Calif. Those systems, he says, rely on agents running directly on protected endpoints. RTDMI, on the other hand, intercepts malware before EDR systems even have a chance to assess it.

“Potentially malicious content is executed by the RTDMI engine technology within the SonicWall Capture Cloud, and the solution blocks that content from reaching clients and servers until a verdict is rendered, thus preventing malicious payloads from reaching endpoints,” Gmuender says.

The new technology was developed by researchers and engineers in SonicWall’s Capture Labs unit, who have been working on it since 2016. It is one of multiple threat detection engines utilized by Capture Cloud.

Gmuender declines to specify whether RTDMI will protect against Spectre, a second critical vulnerability exposed last month by Google researchers that affects chips from Intel, AMD, and ARM. Experts generally consider Spectre a bigger threat, and a harder one to block, than Meltdown.

The Risks and Mitigations of the Internet of Things (IoT) in Supply Chain

https://mytechdecisions.com/network-security/internet-things-iot-supply-chain/

Mon, 19 Feb 2018 10:00:12 +0000

When it comes to product delivery, many companies are introducing the Internet of Things (IoT) into the supply chain through connected devices.

In an increasingly digital world, every aspect of product development and delivery is being transformed, facilitated, and made more efficient through automation and integrated intelligence. The supply chain is no exception; today, many firms are extending Internet of Things (IoT) devices into their supply chain to improve productivity and customer service. Sensors, communication devices, analytics engines, and decision-making aids are being employed to improve the efficiency of fleet management services, schedule optimization, routing, and reroutes due to adverse conditions. The IoT provides real-time tracking solutions and instant inventory visibility.

However, as firms use the IoT to expand their reach into the supply chain, they also increase their attack vectors and potential loss of proprietary and sensitive data. Cloud computing stores data and passes it between potentially thousands of devices that may have exploitable vulnerabilities; a poorly designed architecture could provide hackers the ability to disrupt, destroy, or steal vast and valuable stores of corporate and personal data. As an example, in October 2016, the IoT botnet Mirai led the largest DDoS attack ever, taking down a large number of popular websites, including Twitter, the Guardian, Netflix, Reddit, and CNN.

Abel Sussman is a Director for Cyber Risk Advisory at Coalfire. He is responsible for helping clients advance security program strategy, meet legislative compliance, and implement cyber-security programs. He is a leader and recognized industry expert on Cloud Computing, Security, and federal compliance.

Specific to the supply chain is the issue of Data Leakage, where content becomes visible to cyber “eavesdroppers,” either through malicious or unintended means. A recent Princeton paper demonstrated that popular IoT devices (including Amazon Echo), where the data streams were assumed to be encrypted and therefore not susceptible to direct inspection, were in fact highly revealing merely by looking at the traffic rates of the encrypted data flows. While safeguards can be assumed to be in place within the firm’s “system of record,” or database, data leakage can occur when data is passed between complementary systems unless the same level of data protection is enforced. Within the IoT ecosystem, data can be observed at various points including data at rest, data in-motion between vendors, and data at system boundary endpoints.

It is enormously valuable to malicious actors to observe a firm’s supply chain. Without proper confidentiality controls, actors can spy on key relationships, contents, shipping volume, and destination. From these pieces, competitors and market actors can gain undue insight into a company’s business operations and gain advantage.

To protect against Data Leakage, device security needs to be addressed throughout the system lifecycle, from design to field operations. First, firms need to examine their data governance methodologies to build effective and secure IoT products and services. Corporate policy should drive secure processes, architecture development, device control, and system monitoring. Second, devices need to be configured to automatically identify, locate, and profile supply chain objects; they need to accept patches from known sources, and be cut out of the network if compromised before they can infect others. In many ways, IT and network security protocols need to evolve to an IoT world, with updated methodologies better addressing the requirements of distributed devices.

As mentioned, Data Leakage is an ecosystem issue, and all participants must understand where their responsibilities begin and end and what they are responsible to protect. This requires defining standards for interoperability and encryption so all participants can communicate and work together safely and effectively.

Below is an action plan for CIOs that are considering implementing IoT for their supply chain:

Sign up for security alerts from the US Computer Emergency Readiness Team (US-CERT).

Develop a data flow map from vendor systems to show downstream and upstream information flow.

Coordinate across integrated vendors: require that software and application providers use secure coding practices, and that all vendors including hardware providers test for security readiness—require testing documentation and transparency on secure coding practices in contract language.

Develop policy and procedures, with executive-level direction and oversight, that focus on security for network-connected devices and address risks inherent in the Internet of Things. These documents should include rules on selecting hardware that incorporates security features, guidelines/schedules for performing penetration tests, as well as end-of-life strategy.

Create a robust Incident Response Plan (IRP) that prepares the enterprise for disruptive events. Incident Response teams should be trained in their roles and conduct regular tabletop testing for a range of potential scenarios, and customer-facing staff must be trained in understanding which customer-reported incidents need to be escalated to the CISO.

Assure a defense-in-depth security approach to protect the firm’s most valuable assets by implementing layered defenses against cybersecurity threats.

There’s little question that the Internet of Things is extremely enabling across product manufacturing, the supply chain, and within product functionality itself. Yet, it’s essential to understand that new connected devices bring new risks and learn to both understand and mitigate them, so that the full promise of the technology can be extracted while minimizing potential downsides. In cybersecurity, we understand that risk can’t be eliminated, but it can be minimized and proactively managed. The goal of each company integrating the IoT into the supply chain should be to fully understand and deploy strategies to bring risk to acceptable levels.

Who Got Hacked This Week? February 16 Edition

https://mytechdecisions.com/network-security/who-got-hacked-february-16/

Fri, 16 Feb 2018 17:00:42 +0000

What types of cyberattacks were carried out this week, February 16, 2018? Read on to find out about the latest cyberattacks and who got hacked this week.

Each week, TechDecisions brings you the latest cyber security news on cyberattacks and who got hacked from around the internet.

Cyber security is becoming a main issue for many companies, and our weekly feature is a good example of why.

Every week there are multiple stories of people, businesses, and products being hacked for fun, for money, and sometimes for evil.

Luckily for you, knowing the enemy is half the battle. In order to prevent getting hacked in the future, you need to understand who got hacked in the past. Cyber security is a constantly evolving threat to any organization, and even individuals.

Make sure to check out a couple of pieces of content to gain a better understanding of cyber security, and how cyberattacks are carried out.

After reading these pieces of content you’ll understand how cyber security works and get a better idea of how these weekly cyberattacks are working. Only by being equipped with the right information can any organization hope to protect themselves against the constant threats out there.

Each week we’ll be sure to get you the information so you know what cyberattacks are going on around the country and around the world.

This week includes:

The opening ceremony of the Pyeongchang Winter Olympics hit by cyber attack

New Point-of-Sale malware uses DNS queries to steal credit card info

Thousands of government websites from around the world hacked to mine cryptocurrency

Hacking is a Lucrative Endeavor on Both Sides of the Law

https://mytechdecisions.com/network-security/hacking-lucrative-endeavor-sides-law/

Thu, 15 Feb 2018 10:00:31 +0000

While black-hat hacking is leading to some of the most costly ransomware attacks in history, companies are shelling out money for white-hat hacking to improve cybersecurity.

Cybercrime is big business for hackers and cybersecurity professionals alike. Black-hat hackers, computer hackers who carry out illegal malicious hacking work, cash in by gleaning company and individual bank account information, or by preventing someone from accessing his computer data and then charging a fee (ransom) to unlock it. On the other hand, white-hat hackers, computer hackers intending to improve security, will often receive lucrative positions with large corporations with a mandate to fight and protect company data.

White-hat hackers often form their own companies, providing white-hat services in an attempt to prevent data loss. A good example of the latter is Katie Moussouris, a former hacker and the founder and CEO of Luta Security, a cybersecurity company whose main claim to fame centers on the issue of ‘vulnerability disclosure.’ Moussouris advises corporate decision makers and other stakeholders, “Don’t hate the finder; hate the vuln [vulnerability]. Prosecute crime not research.”

In Terms of Global Dollars

No matter how you slice or dice it, 2017 was probably a banner year when it comes to cybercrime. According to Limor Kessem, a top cyber intelligence expert at IBM Security, “IBM X-Force researchers monitor 35 billion security events per day for over 4,500 companies in 133 countries. In this endeavor, they have found that among the many aspects of cybercrime threats and their detrimental effect on consumers and businesses, a few key threats emerged in 2016 and are not likely to subside in 2017.”

“Juniper research recently predicted that the rapid digitization of consumers’ lives and enterprise records will increase the cost of data breaches to $2.1 Trillion globally by 2019, increasing to almost four times the estimated cost of breaches in 2015,” says Steve Morgan, contributing writer with Forbes magazine.

Addressing the Underlying Problems

Many years ago, local, state, and federal governments, as well as businesses of every size, did not have to spend large sums of money to protect the data they transmitted, collected, and stored. The question is, why is it suddenly necessary?

Technologically and historically speaking, yesterday’s leased telephone lines–which were often used to link company LANs (Local Area Networks) to a central hub, thus forming an enterprise or WAN (Wide Area Network)–limited the number of potential attackers to but a bare few. These leased lines were closed connections that required an attacker to be in physical contact with the line itself in order to tap into the circuit. The use of fiber-optic cables all those years ago also assured that no one could easily glean the data that coursed through it.

Today, however, the Internet allows anyone from anywhere on the planet to attack a business or a specific individual anywhere else. This is because the Internet connects all of us across the planet.

So, is it possible to prevent the penetration of your Internet-connected data networks by resourceful, knowledgeable hackers? Yes and no. There’s no clear-cut, definitive answer, other than you get out what you put in—so the more you do to protect your network and the data that flows into and from it, the better protected it’s going to be.

The Need for User Education and Better Enforcement

User education and ongoing training, along with better legislation and more stringent enforcement, are additional ways to assure data security. Effective laws on the books are a must, and even that is not always enough to encourage or force everyone to spend the kind of money necessary to safeguard the data they harbor.

“This absolutely depends on the situation and business vertical. Some are required by law to report a breach (NY DFS) within a certain amount of time—like a couple of days–while in other cases it’s at the sole discretion [of the company involved]. We’ve helped customers draft communications to clients after there’s been a known or potential compromise,” says Karl Knudsen, Managing Partner, HighCastle Cybersecurity, New York. “Ultimately, it’s case by case; depending on laws on the books now, but that list is growing rapidly and we anticipate it being adopted across several industries.”

The solution to the cybercrime problem involves effective decisions at the top of every organization across the globe. Effective decisions rely on having the right information at the right time. For this reason, Corporate Tech Decision contacted several professionals in the cybersecurity arena to offer advice.

3 Ways Blockchain Technology Can Get Your Privacy Back On the Internet

https://mytechdecisions.com/network-security/3-ways-blockchain-technology-can-get-privacy-back-internet/

Thu, 15 Feb 2018 10:00:21 +0000

Blockchain works three ways to help end users reclaim and keep their privacy during the age of surveillance and nonstop hacking.

While the Internet of Things (IoT) is “one of the most transformative innovations of our time,” and is an easy step to connecting together endless devices, ReadWrite says it’s an easy target for unwanted data collectors. Blockchain could be the solution to the problem.

With IoT, the ability for the government and hackers to put their fingers into end users’ and businesses’ data is like fishing in a barrel: “All of our connected devices continuously broadcast our information, and the collection can be used in unimaginable ways…With all the data shared through IoT, it’s almost like surveillance projects…have the ability to bend time and space to repeat the past,” ReadWrite says.

However, ReadWrite reports that progress in developing blockchain technology is making IoT more secure, and improving users’ privacy on the World Wide Web.

What decision makers need to know:

Decision makers looking for ways to keep their business’s and personal data protected should consider the three main ways blockchain technologies work to boost security:

Decentralizing the network

With IoT, devices talk to each other through millions of miles worth of internet infrastructure; since these devices broadcast through centralized servers, weak spots are easily identified by hackers. However, ReadWrite says that blockchain runs a decentralized ledger system, “which distributes information across a network of computers and uses a consensus algorithm to ensure parity.” This means that the information passed through the network isn’t managed by a central authority, and isn’t visible to threats in a central location; instead, the information is spread out, and harder for threats to kick in.

Tokenized information is enabled

According to ReadWrite, “blockchain was initially conceived by bitcoin developers to facilitate p2p transactions without the use of an intermediary like a bank,” and this “tokenized” technique has been successful so far. The same technique can be applied to IoT – “tokenized information is the perfect balance between accessibility and privacy.” For IoT, tokenized information can act as a substitute for a person’s or business’s actual information. As a result, this can achieve a personal connection without revealing key data, thus keeping the actual data secure.

Blockchain is unchangeable

ReadWrite says that blockchain technologies offer a transparent framework that records activity, and prevents activity from being tampered with. This characteristic is key in making sure that users’ and businesses’ data is “accurate, intact, and secure.” This also prevents whistleblowers and hackers from creating a data breach, and keeping their moves hidden and unsolvable during an investigation.

New SIO Modules from Mercury

https://mytechdecisions.com/network-security/new-sio-modules-mercury/

Wed, 14 Feb 2018 17:00:52 +0000

The next generation of SIO modules from Mercury are built on the Authentic Mercury open platform and offer flexibility with controller configuration.

Mercury Security introduces its new family of MR Series 3 serial input/output (SIO) modules that are said to extend integration capabilities, enhance cybersecurity and provide seamless upgrades for existing Mercury-based deployments.

The next-generation SIO modules are built on the Authentic Mercury open platform and provide OEMs, channel partners and end customers the flexibility to choose the controller configuration that best fits their needs, according to the company.

The modules feature an embedded crypto memory chip that provides a secured layer of encryption to onboard sensitive data. They also support OSDP and Secure Channel Protocol for enhanced connectivity, device management and extended applications such as biometric-focused applications.

In addition, support for the federal government profile (FICAM) makes it possible to expand the controller architecture and streamline the implementation of government systems.

Mercury says partners and end customers can benefit from the modules in new access control systems or they can be used for seamless plug-and-play upgrades from the company’s existing MR series controllers.

“Mercury has long been the pioneer in driving open solutions for the access control industry and the new MR Series 3 SIOs are an extension of our commitment to providing customers with value-added products that are built for the future,” says Matt Barnette, president of Mercury Security. “Scalable and designed with cybersecurity in mind, this addition to our Authentic Mercury product line is ideal for security-conscious organizations seeking to take full advantage of the latest industry standards and technologies to create more trusted, scalable and connected security systems.”

The product family includes four serial SIO modules that enable system expansion of Authentic Mercury intelligent controllers as part of Mercury’s distributed architecture.

Mercury MR Series 3 Details

The MR50 enhanced SIO single-card reader interface panel is designed for expansion of a single door.

Cybersecurity concerns have been plaguing organizations across the world for years now. Some of the most devastating hacks in recent history have cost companies millions of dollars. Not to mention the headaches for customers that have information and identities stolen thanks to a company’s subpar cybersecurity standards.

As a response to the increasing dangers of cybersecurity, the EU has created the General Data Protection Regulation (GDPR) to go into effect in May of 2018. According to the EU’s Commission:

The objective of this new set of rules is to give citizens back control over their personal data, and to simplify the regulatory environment for business. The data protection reform is a key enabler of the Digital Single Market which the Commission has prioritised. The reform will allow European citizens and businesses to fully benefit from the digital economy.

The UK is taking this a step further, issuing regulations that will fine critical organizations that fail to meet certain cybersecurity standards. Organizations in industries like energy, transport, water and health will be subject to fines of up to $24 million if they fail to demonstrate that their cybersecurity systems can withstand cyberattacks. According to TechCrunch:

Major requirements for organizations will include having the right people and organization in place to handle a cyber attack; having the right software in place to protect against attacks; having the right capabilities in place to detect if an attack has taken place anyway; and having the right systems in place to minimize the impact of an attack if a system is breached (despite the other three being in place).

The fines are only a last resort, and organizations will be notified of requirements needed to improve their systems.

The news is welcome to any customers that have been a part of cyberattacks in the past. While the threat of cyberattacks could potentially cost companies millions of dollars, many companies are reactive as opposed to proactive about cybersecurity fail safes and best practices. There’s a reason so many companies were affected by WannaCry and NotPetya last year – many organizations are unequipped to battle such threats.

This way the UK government is forcing the most critical organizations to be proactive instead of reactive. Infrastructure like water and energy is a much more dangerous game than even personal information. If you lose your identity the process of recovering it is long and painstaking – but not as long or painstaking as dehydration or hypothermia from a critical infrastructure being locked down and citizens being unable to turn on the faucet or the heat.

It will be interesting to see how other EU countries respond to the UK’s added measures against companies, and if the practice makes its way further east or west to Asian and American countries as well. In any case, it’s about time someone held companies responsible for cybersecurity before the worst case scenario occurs.

Best Practices for Cybersecurity: Stay Cyber SMART

https://mytechdecisions.com/network-security/best-practices-cybersecurity-stay-cyber-smart/

Mon, 12 Feb 2018 10:00:16 +0000

When it comes to best practices for cybersecurity, you want to be SMART. The CTO of Abacode explains exactly what that means.

The usual advice we provide to companies on best practices for cybersecurity boils down to a 5-pronged approach we call Cyber SMART:

S = Self-governance: Make sure you have the proper cybersecurity framework in place with governing policies & procedures.

M = Monitoring: You need to have visibility into your IT infrastructure and always be watching for potential attacks and indicators of compromise (IOCs).

A = Assessments: Get third-party audits of your systems on a regular basis, and develop a plan of actions for addressing any gaps.

R = Remediation: This is not only having a system of regular vulnerability scanning & patching in place, but also having a formalized incident response policy and forensic readiness (i.e., have adequate audit logs and an investigative team standing by should something happen).

T = Training: People are the first and last line of defense, and by enhancing education & awareness, we can help keep them from undermining the other security controls that are in place in the system.

Unfortunately, I believe the “new normal” is assumption of breach. Just as ships need to be built to float with the knowledge there will be leaks, modern systems are so complex and interconnected with so many points of entry that it’s almost impossible to plug every hole. So, we believe that having visibility, performing threat hunting, and continuously monitoring for indicators of compromise is most effective. Sure, you still try to put in layers of defense to make the system as hard to penetrate as possible; but nothing’s ever foolproof. That’s why you need constant vigilance and effective incident response.

Jeremy Rasmussen is Chief Technology Officer of Abacode, a Tampa, Florida based company that provides managed cybersecurity services for growing businesses across all industries. Abacode employs global thought leaders and industry experts in ethical hacking, corporate governance, and incident response to provide its clients with a holistic view of cybersecurity. He is also an instructor at the University of South Florida and founder of the USF Whitehatters Computer Security Club (WCSC).

Who Got Hacked This Week? February 9 Edition

https://mytechdecisions.com/network-security/who-got-hacked-february-9/

Fri, 09 Feb 2018 15:00:07 +0000

What types of cyberattacks were carried out this week, February 9, 2018? Read on to find out about the latest cyberattacks and who got hacked this week.

Each week, TechDecisions brings you the latest cyber security news on cyberattacks and who got hacked from around the internet.

Cyber security is becoming a main issue for many companies, and our weekly feature is a good example of why.

Every week there are multiple stories of people, businesses, and products being hacked for fun, for money, and sometimes for evil.

Luckily for you, knowing the enemy is half the battle. In order to prevent getting hacked in the future, you need to understand who got hacked in the past. Cyber security is a constantly evolving threat to any organization, and even individuals.

Make sure to check out a couple of pieces of content to gain a better understanding of cyber security, and how cyberattacks are carried out.

After reading these pieces of content you’ll understand how cyber security works and get a better idea of how these weekly cyberattacks are working. Only by being equipped with the right information can any organization hope to protect themselves against the constant threats out there.

Each week we’ll be sure to get you the information so you know what cyberattacks are going on around the country and around the world.